Chinese hackers have infiltrated U.S. infrastructure, remaining hidden for up to five years and potentially planning destructive cyberattacks in case of war, according to CNN. This has led to a new public cybersecurity warning in the U.S.
The FBI director, Chris Wray, told the House select committee on the Chinese Communist party that there had been far too little public focus on a cyber threat that affects “every American”, adding “China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities, if or when China decides the time has come to strike.”
What does this latest episode of cyber-espionage mean? Gabrielle Hempel, Customer Solutions Engineer at LogRhythm, has explained some of the key ramifications to Digital Journal.
Hempel indicates that one of the problems with building defences against this type of cyber-activity is the labyrinthine nature of key systems and processes. She observes: “Critical infrastructure systems are extremely complex and interconnected, which makes them not only difficult to secure against attacks, but requiring specialized knowledge to understand and mitigate any vulnerabilities they might have.”
Another challenge is in the form of resources, finds Hempel: “Often, critical infrastructure organizations also have resource constraints, which makes it difficult to implement and maintain security measures both from a personnel and financial standpoint.”
Hempel indicates that the role of the state can be important in helping companies build stronger defences, stepping in to correct market failings: “Public-private partnerships will aid in ensuring robust standards and frameworks are developed to protect critical infrastructure, and that intelligence is shared in a timely manner in order to address any threats. These partnerships can also garner legislative support by putting more weight behind regulations that can be implemented effectively.”
Investing in trying to repel attacks will pay off eventually, given the cost of data breaches should they occur. Hempel says: “The costs resulting from these attacks on critical infrastructure will be multi-stage: there will be an up-front cost of remediation efforts, including the immediate response, system recovery and replacement, and any regulatory fines and legal costs that may be incurred.”
The effect escalates, impacting other firms as well. Hempel notes: “There will also be disruption to supply chains, i.e., anyone that is reliant on these systems will also have operational delays in a cascading effect. This may also lead to increased costs for consumers, as disruptions, contractual penalties, and lost revenue can drive up prices of goods and services.”
Hempel sees the U.S. situation as being mirrored globally: “The collaborative warning highlights the alarming fact that the same cyber threats are having an impact across the globe. There are numerous opportunities for strengthening international collaboration, including the real-time sharing of information and intelligence, joint research initiatives, and development of unified standards and frameworks for cybersecurity.”
For future safeguarding, Hempel returns to the key part to be played by governments: “However, it is also important to stress the importance of developing public-private partnerships not only nationally, but on a global scale in order to truly address vulnerabilities and attacks on critical infrastructure across the board. Because these attacks simultaneously span the globe geographically and organizations from public to private, they need to be addressed across these planes as well.”